FLOPPIX Home | FAQ | Download | Labs | ToC | Back |  Next 

Passwords and Permisssions


Notes:

Ordinary users have two ways of protecting the data in their accounts:

1. choose a secure password
2. set permissions

Changing your password:

  1. One of the easiest method of breaking into a system is to crack a weak password. To create a secure password:
  2. One way to create a secure password is suggested in the passwd man page.
  3. The command to change your password is: passwd

Setting permissions:

Access to files and directories is controlled by a permissions at both the file and directory levels.


Exercises:

  1. Try to change your password to cat. What error message did you get?
     
  2. Try to change your password to blackcat. What error message did you get?
     
  3. Think up a password and change your password.
     
  4. Try to the password for another user. For example, enter the command:  
         passwd floopy
    What error message did you get?
     
  5. Can you view the contents of the directory /sbin?
     
  6. What are the permissions for the directory /sbin?
     
  7. Change the permissions on "readme" in your own home so that you have read/write access, the group has read access and others have no access.
     
  8. Change permissions on your home directory so that you have read/write/execute permissions, the group has read/execute permissions, and everyone else has no access.
     
  9. Make sure that you are in your own home directory. Create a subdirectory called ddd and copy readme to ddd/fff (a file called fff in the ddd subdirectory).
  10. Try the following exercise to see some of the operations that you can and cannot do when you have only read permission on a directory.
  11. Try the following to see what you can do when you have read and execute permission for a directory.
  12. Try the following to see what you can do when you have write and execute permissions for a directory.
  13. Try the following to see what you can do when you have only execute permissions for a directory.


Questions and Answers:

  1. The directory entries for the /etc directory and the file /etc/passwd are:
    -rwxr-xr-x 18 root root 1024 May 20 11:58 /etc
    -rw-r--r--  1 root root  658 May 20 11:58 /etc/passwd

    Can you modify this file (assuming you are not root)?
     
    Answer:  No.
     
  2. Can you copy /etc/passwd to your own home directory assuming that you have write and execute permissions for your own home directory?
     
    Answer:  Yes. Everyone has read permission for this file and can make a copy.
     
  3. If you are not floopy, can you copy /etc/passwd (permissions rw-r--r--) to the directory /home/floopy? The permissions on /home/floopy are rwxr-xr-x.
     
    Answer: No.  /home/floopy is owned by floopy and the permissions are rwxr-xr-x meaning that everyone can read the contents of the directory but only floopy can store files in this directory.
     
  4. File1 has permissions: r--r--r--
    You enter the command: chmod ug+w file1
    What are the new permissions?
     
    Answer:  rw-rw-r--
     
  5. What command will change the permissions on dir1 so that only the owner has read/execute access?
     
    Answer:  chmod 500 dir1
     
  6. Can you cd to dir1 given the permissions are drw-------?
     
    Answer:  No. Without execute access, you cannot cd to a directory or access any of the files in the directory.
     
  7. What command will change the permissions on dir1 so that you have write/execute permissions only?
     
    Answer:  chmod 300 dir1
     
  8. Can you copy readme (permissions r--r--r--) to dir1 (permissions d-wx------ ) if you own dir1?
     
    Answer:  Yes
     
  9. Can you get a directory listing for dir1 permissions (d-wx-wx-wx)?
     
    Answer:  No. If you do not have read permission for a directory, then essentially you have blind access; you can write files in the dir1 but you cannot get a directory listing.

Copyright © L.M.MacEwan
FLOPPIX Home | FAQ | Download | Labs | ToC | Back |  Next